Hijack This Log - PLEASE HELP - Horribly Infected
STEP 5 Run mwavscan: Close everything else, close all windows, all browsers, all programs.
Also I am still sending an ungodly amount of packets while at idle and there is a small padlock icon in my network details that I've only seen when there is
So I thank you and here's a fresh log:
Logfile of HijackThis v1.99.1
Scan saved at 1:27:19 PM, on 7/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Iomega\System32\ActivityDisk.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Sony\VAIO
this is the hijackthis log
Code:
Logfile of HijackThis v1.99.1
Scan saved at 16.46.14, on 07/03/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
I also didn't do the last step (the website virus scanners) because I haven't had the best of luck with them in the past. Of course, I could be wrong.
https://forums.techguy.org/threads/hijack-this-log-please-help-horribly-infected.366688/
You have had Backdoor.Win32.Rbot.gen running on your system.
Action Taken: File Deleted.
I know that it doesn't have that much RAM, but it was running fine for ages......Off to run what you suggested....and can we clean up my registry?
Your computer is in consequence sending all traffic to the infected PC which forwards it to the internet and filters it in order to put its malicious code.
Please run one more HijackThis using v2.0.2 here: http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html
Can you be more specific about the current problem?
It sometimes needs several minutes to open a new IE window or start to write in a web-form.
Since you are having trouble keeping a clean system, some people would say the infection is actually in one of your defensive programs, maybe Norton AV, so I would not install
Or at least it appears that way to me.
Start a full scan (all files!) [Memory, StartUp-Folders, Drives, All Local Drives, Registry and INI Files, System Folders, Services must be checkmarked] by running 'mwavscan.com' (directory c:\bases): Click on 'Scan clean'
http://www.bleepingcomputer.com/forums/t/59596/so-horribly-infected-a-virus-that-installs-other-viruses/
It also takes a long time for Internet Explorer to load, though that may be because I turned on a security feature from my antivirus program, Trend Micro PC-cillin, which adds
* IE Privacy Keeper 2.3
* zipgenius (if you have no zip-tool)
* escan: mwav.exe - (MUST!)
Unzip 'mwav.exe' into a newly created directory 'c:\bases' (!).
#2 Buckeye_Sam, Malware Expert
There is not much danger in using an old PC as a sacrificial lamb. A BIOS virus is a possibility.
That's my mistake. Maybe you could shed some light on this.
Scan your system with 3 Online-Scanners:
* http://housecall.trendmicro.com
* Panda ActiveScan
* http://bitdefender.com/scan/licence.php
* http://www.windowsecurity.com/trojanscan/
Please post the results.
Because there appeared to be two instances of it trying to run on my computer when I launched the ComboFix program.
If so all original files folders programs email etc should be there.
Action Taken: File Deleted.
Hello gohan, your system was horribly infected.
07.03.2005, 16:48 #3 gohan
Click on "Scan Now"
Run the scanner using the Full Scan (Perform full system scan) mode.
Look for the files which are tagged as "virus" (or "infected"). Post another new HijackThis Logfile.
In running different programs that look for spyware, trojans and malware, many problems were found, including Key Logger "Actual Spy 2.8", Backdoor.Bifrose Backdoor, and assorted and sundry other things, including
STEP 3 Run then DELLATER.exe on your system.
Windows XP SP2 install untatted.
Last night I gave up on scanners and used Seagate tools and zero filled then reinstalled XP, I have not connected to the net .. when I do I'm sending out
Nov 27, 2008 #23 elymcd
What about a rootkit?
one being that the first log looks to be incomplete and the second because I restarted my computer, so I'm posting the most recent log file:
Logfile of HijackThis v1.99.1
Scan saved at
It is not necessarily that one you have, but very probably some form of MBR virus.
Other rootkitrevealers don't.
3.